CVE-2017-17777

2017-12-2003:00:00

mitre

www.cve.org

AI Score

9.6

Confidence

High

EPSS

0.007

Percentile

79.7%

JSON

Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.

References

github.com/d4wner/Vulnerabilities-Report/blob/master/paid-to-read-script.md